#set( $symbol_pound = '#' )
#set( $symbol_dollar = '$' )
#set( $symbol_escape = '\' )
package ${package}.oauth.server;

import ${package}.oauth.configure.YkResourceConfig;
import ${package}.oauth.facade.AuthorizeConfigManager;
import ${package}.oauth.handler.YkAccessDeniedHandler;
import ${package}.oauth.handler.YkAuthExceptionEntryPoint;
import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler;
import org.springframework.security.oauth2.provider.token.TokenStore;

/**
 * Description:
 *     资源服务器的配置类
 *
 * @author wupanhua
 * @date 2019/8/6 15:28
 *
 * <pre>
 *              ${copyright}
 *      Copyright (c) 2019. All Rights Reserved.
 * </pre>
 */
@Configuration
@AllArgsConstructor
@EnableResourceServer
public class YkAuthOauth2ResourceServerAuthConfig extends ResourceServerConfigurerAdapter {

    /**
     * TokenStore
     */
    private final TokenStore tokenStore;
    /**
     * YkAuthExceptionEntryPoint
     */
    private final YkAuthExceptionEntryPoint ykAuthExceptionEntryPoint;

    /**
     * YkAccessDeniedHandler
     */
    private final YkAccessDeniedHandler ykAccessDeniedHandler;

    private final AuthorizeConfigManager authorizeConfigManager;

    private final OAuth2WebSecurityExpressionHandler expressionHandler;
    /**
     * 自定义安全配置
     */
    private final YkResourceConfig ykResourceConfig;
    /**
     * Description:
     * <配置哪些接口可以不用认证>
     * @author ywh
     * @date 13:48 2019/8/7
     * @param http 1
     **/
    @Override
    public void configure(HttpSecurity http) throws Exception {
        authorizeConfigManager.config(http.authorizeRequests());
    }

    /**
     * Description:
     * <无法补充>
     * @author ywh
     * @date 13:49 2019/8/7
     * @param resources 1
     **/
    @Override
    public void configure(ResourceServerSecurityConfigurer resources){
        resources
                // 资源服务器id
                .resourceId(ykResourceConfig.getResourceId())
                // 表达式控制句柄
                .expressionHandler(expressionHandler)
                // token的存储位置
                .tokenStore(tokenStore)
                // token失效或者缺失异常
                .authenticationEntryPoint(ykAuthExceptionEntryPoint)
                // token权限不足的异常
                .accessDeniedHandler(ykAccessDeniedHandler);
    }

}
